package matlap.database.jdbc;

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import matlap.database.ConnectionManager;
import matlap.database.dao.UserDAO;
import matlap.shared.User;

public class UserJdbcDAO implements UserDAO {
	Connection con = null;
	Statement st = null;
	ResultSet rs = null;

	/**
	 * Checks the users username AND password at the login.
	 */

	@Override
	public User loginUser(String userName, String password) {
		Hash hash = new Hash();
		String passw = hash.hashPassword(password);

		User user = new User();
		user.setLogin(false);

		try {
			ConnectionManager.initConnection();
			con = ConnectionManager.createConnection();
			st = con.createStatement();
			rs = st.executeQuery("SELECT role from registered,people WHERE registered.username=people.username AND registered.username='"
					+ userName + "' AND password='" + passw + "'");

			if (rs.next()) {
				user.setRole(rs.getInt("role"));
				user.setLogin(true);
				user.setUserName(userName);
				user.setPassword(passw);

				if (user.getRole() == 2) {
					rs = st.executeQuery("SELECT accept from registered,teacher WHERE registered.username=teacher.username and registered.username ='"+userName+"'");

					if (rs.next()) {
						user.setAccept(rs.getInt("accept"));
					}

				}

			} else {
				rs = st.executeQuery("SELECT role from registered,people WHERE registered.username=people.username AND registered.username='"
						+ userName + "'");
				if (rs.next()) {
					user.setMessage("wrongPassword");

				} else
					user.setMessage("wrongUser");
			}

		} catch (ClassNotFoundException e) {
			e.printStackTrace();
		} catch (SQLException e) {
			e.printStackTrace();
			System.out.println(e.getMessage());
		} finally {
			try {
				ConnectionManager.closeConnection(con);
			} catch (SQLException e) {
				e.printStackTrace();
			}
		}
		return user;
	}

	/**
	 * Turns back a User from registered AND people tables by adding username.
	 */
	@Override
	public User getUser(String userName) {
		User user = new User();
		try {
			ConnectionManager.initConnection();
			con = ConnectionManager.createConnection();
			st = con.createStatement();
			rs = st.executeQuery("SELECT last_name,first_name,people.address AS address,Email_address AS email,phone_number as phone from registered,people WHERE registered.username=people.username AND registered.username='"
					+ userName + "'");

			if (rs.next()) {
				user.setLastName(rs.getString("last_name"));
				user.setFirstName(rs.getString("first_name"));
				user.setAddress(rs.getString("address"));
				user.setEmail(rs.getString("email"));
				user.setPhone(rs.getString("phone"));
			}

		} catch (ClassNotFoundException e) {
			e.printStackTrace();
		} catch (SQLException e) {
			e.printStackTrace();
			System.out.println(e.getMessage());
		} finally {
			try {
				ConnectionManager.closeConnection(con);
			} catch (SQLException e) {
				e.printStackTrace();
			}
		}

		return user;
	}

	/**
	 * Updates a user in people AND registered tables by adding User;
	 */
	public void updateUser(User user) {
		try {
			ConnectionManager.initConnection();
			con = ConnectionManager.createConnection();

			Statement st = con.createStatement();
			String s = new String("UPDATE people SET last_name='"
					+ user.getLastName() + "'WHERE username='"
					+ user.getUserName() + "'");
			st.executeUpdate(s);

			s = new String("UPDATE people SET first_name='"
					+ user.getFirstName() + "'WHERE username='"
					+ user.getUserName() + "'");
			st.executeUpdate(s);

			s = new String("UPDATE people SET address='" + user.getAddress()
					+ "'WHERE username='" + user.getUserName() + "'");
			st.executeUpdate(s);

			s = new String("UPDATE registered SET address='" + user.getAddress()
					+ "'WHERE username='" + user.getUserName() + "'");
			st.executeUpdate(s);

			s = new String("UPDATE registered SET Email_address='"
					+ user.getEmail() + "'WHERE username='"
					+ user.getUserName() + "'");
			st.executeUpdate(s);

			s = new String("UPDATE registered SET phone_number='"
					+ user.getPhone() + "'WHERE username='"
					+ user.getUserName() + "'");
			st.executeUpdate(s);

			if ((user.getPassword() != null)
					&& !(user.getPassword().equals(""))) {
				
				Hash hash = new Hash();
				String password = hash.hashPassword(user.getPassword());
				s = new String("UPDATE registered SET password='" + password
						+ "'WHERE username='" + user.getUserName() + "'");
				st.executeUpdate(s);
			}
		} catch (SQLException ex) {
			System.err.println(ex.getMessage());
		} catch (ClassNotFoundException e) {
			e.printStackTrace();
		} finally {
			try {
				ConnectionManager.closeConnection(con);
			} catch (SQLException e) {
				e.printStackTrace();
			}
		}

	}

}
